Cyber-threat actors are evolving their tactics to target key industries more efficiently, operating like businesses, according to a recent report by Darktrace. The study analyzed attack data from the energy, healthcare, and retail sectors in 2022, revealing that threat actors are tailoring their strategies to specific industries based on efficiency and cost-effectiveness.
Toby Lewis, global head of threat analysis at Darktrace, emphasized that cyber-threat actors are approaching their attacks with a business mindset, constantly seeking ways to make their hackers more efficient and achieve better results with fewer resources. This approach results in a constant evolution of tactics, making it challenging for cybersecurity teams to predict and defend against these threats.
In the energy sector, Darktrace found a significant increase in crypto-mining threats in 2022. UK energy firms experienced a 13-times increase in high-priority crypto-mining incidents compared to the previous year, while the US saw a three-fold increase. Crypto-mining involves stealing energy and processing power from other devices and networks, with energy suppliers being prime targets due to their vast operational technology infrastructure and access to large energy supplies. Despite being perceived as a minor threat, crypto-mining can slow down systems, damage productivity, and serve as a precursor to more severe attacks like ransomware.
Lewis emphasized the importance of addressing crypto-mining as part of an organization’s overall security posture, highlighting that neglecting this threat can lead to more significant vulnerabilities. Additionally, the report noted that the prevalence of crypto-mining contributes to funding cyber-criminal and nation-state groups, fueling global cybercrime activities.
In the retail sector, cyber-criminals increasingly targeted online accounts in 2022, capitalizing on the growth of online shopping post-COVID. Credential theft, spoofing, and stuffing saw a substantial increase in cyber incidents in the US, Australia, and the UK retail sectors. Lewis stressed the importance of implementing stronger authentication processes for online shopping accounts to combat these attacks effectively.
Healthcare organizations have been prime targets for ransomware attackers, given the sensitive patient data they hold and the potential disruption caused by taking hospital systems offline. Darktrace observed a notable rise in data exfiltration threats targeting the UK and Australian healthcare sectors in 2022, highlighting the challenges specific to each industry.
Overall, the report underscores the sector-specific challenges posed by cyber-threat actors, from the energy sector’s vulnerability to crypto-jacking to the healthcare sector’s risk of data exfiltration. By understanding these trends and implementing robust cybersecurity measures, organizations can better protect themselves against evolving cyber threats.